Top 5 Things you thought were Secure but are Not! [100% SP]steemCreated with Sketch.

in #security8 years ago (edited)

When it comes to money, security is first. You think the things you use are secure, but in reality they are not. I will reveal to you 5 things that you were thought were secure for your money, but in reality are laughably insecure and dangerous.



credit-card-1680348_1280.jpg

1) Bank Cards

It is hilarious how much banks don't care about your security. Banks cards are literally laughable, the confidential information is printed right on the card itself! How hilarious is that, confidential info should alway be kept secret, with defenses proportional to the importance of the asset. Yet a 1$ balance card has the same security as a 100,000$ balance card.

If you go shopping in a supermarket, the supermarket usually has a camera near the till, so the camera can record your Card Number, your Security Number and the Pin Code as your type it in. So a rogue IT employee of a supermarket, or some hacker who hacks into it and steals video footage, can easily get access to your card info and steal all your money. Yes it would be that easy.

With the advent of smartphones, and mini cameras, even a rogue shopper standing next to your could record your card info as you take it out of your wallet and type in the PIN into the card reader machine. Banks take you for a fool, since their security is a joke.



fingerprint-150159_1280.png

2) Fingerprint Authentication

You probably saw many movies where the super secret safe room was opened with fingerprint, and you thought they are a secure way to store assets, but they are really not.

Smart phones spoiled it, not that it was secure in the first place, but now it's even less secure. I mean you leave your fingerprint basically anywhere: on your mug , keyboard, documents handed over, bars your touch on subway, etc...

Anyone can get access to your fingerprint ,and with the smartphones, technically every phone app has access to your fingerprint. So the cops don't even need to record fingerprints of criminals anymore, they probably already have it, if 1 phone app is sharing it with them.

So if you thought you will buy a fingerprint authentication lock on your home door, then think twice, it would be trivial for a burglar to acquire it.


ip.bitcointalk.org.png

3) Online Bank Account

This one is really hilarious. Everything online is pretty much unsafe. People get their bank account hacked all the time, from malware on their PC, to just accidents, to having a weak password or a persistent hacker does everything he can to steal your money.

This is no joke, people lose billions yearly to this one, and banks don't care, after all what alternative do your have other than bank? (Bitcoin) So banks won't work hard to solve this problem, until of course they go out of business as everyone will use Bitcoin for additional security.

Bitcoin transactions can be signed safely, and broadcasting a transaction is safe, whereas doing operations on an online bank account is not.


lock-143616_1280.jpg

4) Closed-Source Software

All closed-source software are insecure. Be that your encryption software, your operating system, your trading software, your spreadsheet manager (where you manage your finances), all are insecure. This can be due to malice or negligence, but any bug or bad code can slip into a software, and if the source code is not public so that experienced people can verify it, then it's very very bad.

Most people here use closed source/proprietary software, and they are not even aware of the risks. Just look at Windows, specifically Windows XP, it was allegedly shown that XP gets infected by malware after just 1 day of surfing the internet. How can you trust an operating system like that with your money?

And the others are not better, it's not like Windows 10 is any better, since it has many privacy invading elements, that can be abused by sophisticated hackers. And even if they are honestly reviewing the bugs and fixing it, it is inferior to an open source software that can be reviewed by millions of people, instead of just a handful of employees. Just use open-source whenever possible.


iphone-476237_1280.jpg

5) Smart Phones

Whenever I see people storing Bitcoins on a phone or having a mobile banking app installed, I get shocked. Smart phones are probably the worst place to store money, I'd rather take my chances with a virused Windows XP, than a smart phone.

It's not just that smart phones operating systems are closed sources, but the fact that smart phones can be hacked by Stingray Devices. So it doesn't even matter if you have an open source OS on your phone, it is a very vulnerable device by the way it's designed to operate.

A phone always requires a trusted setup, a trusted phone tower, and if these stingrays are beginning to be used by criminals, then your phone will get hacked eventually, guaranteed. Look a phone is supposed to be a device for talking to people, not for e-banking.

Let's not try to add a role to something that was not designed for it, a phone should be for talking and taking photos, let's not complicate it's role. If you want a secure device, better get your hands on a hardware wallet for your crypto coins!


Image Credit: zeroday at https://bitcointalk.org/index.php?topic=160292.0


Upvote, ReSteem & bluebutton


profit
Sort:  

So true! And the same holds for the other comment on your post :)

Thanks for this reminder. Reminders never hurt!

How safe is steem on my steemit account? Should I be worried?
Thanks for answer.

If you are logging in with your posting key then it should be safe. Althought the owner key should be offline generated for maximum security, but by not reusing it for login afterwards massively decreases the risk of hackers stealing it. Read my previous article:
https://steemit.com/steemit/@profitgenerator/warning-your-steemit-password-is-at-risk

Thanks again for advice. Your linked post is very helpful.

No problem, 1 correction though, the master owner private key/password should never be used, only if you want to change it (if it gets compromized). Instead you only need 2:

  • Posting Private Key: for posting & upvoting
  • Active Private Key: for moving money & SP

The active key can move money, but it can't change itself, so if a thief gets their hand on it, he cant lock you out. And seeing that you have your money in SP, you can easily see if somebody has intruded in your account, he probably cant steal a much money before you noticing it.

The owner private key should be kept at maximum security, and should be only used for as backup if you want to change it.

I am not sure but I think you can generate the keys in the Steem wallet software safer than through browser, but I am not sure on this.

But if you change the owner key in browser you have to login at least once with it, to view your other keys, so there is some risk there that an MITM attack can steal it, although that depends on how safe HTTPS is.

This post has been linked to from another place on Steem.

This post has also been linked to from Reddit.

Learn more about and upvote to support linkback bot v0.5. Flag this comment if you don't want the bot to continue posting linkbacks for your posts.

Built by @ontofractal